diff mbox series

[OpenWrt-Devel,fstools] block: validate amount of arguments for the "autofs" command

Message ID 20181207162631.11377-1-zajec5@gmail.com
State Accepted
Headers show
Series [OpenWrt-Devel,fstools] block: validate amount of arguments for the "autofs" command | expand

Commit Message

Rafał Miłecki Dec. 7, 2018, 4:26 p.m. UTC 
From: Rafał Miłecki <rafal@milecki.pl>

Using argv[3] without checking argc value could result in undefined
behavior. It could result in a crash or accessing a NULL that separates
argv from envp on UNIX.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
---
 block.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

Comments

John Crispin Dec. 7, 2018, 6:34 p.m. UTC | #1 
nitpickering ...

On 07/12/2018 17:26, Rafał Miłecki wrote:
> From: Rafał Miłecki <rafal@milecki.pl>
>
> Using argv[3] without checking argc value could result in undefined
> behavior. It could result in a crash or accessing a NULL that separates
> argv from envp on UNIX.
>
> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
> ---
>   block.c | 6 +++++-
>   1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/block.c b/block.c
> index 8972fdf..1edc9b8 100644
> --- a/block.c
> +++ b/block.c
> @@ -1189,8 +1189,12 @@ static int main_autofs(int argc, char **argv)
>   				blockd_notify(pr->dev, m, pr);
>   		}
>   		return 0;
> +	} else {
> +		if (argc < 4)
> +			return -EINVAL;
> +
> +		return mount_action(argv[2], argv[3], TYPE_AUTOFS);

we can reduce one indentation here

else if (argc < 4)

     return -EINVAL;

return mount_action(argv[2], argv[3], TYPE_AUTOFS);

or not ?!

regardless ...

Acked-by: John Crispin <john@phrozen.org>


>   	}
> -	return mount_action(argv[2], argv[3], TYPE_AUTOFS);
>   }
>   
>   static int find_block_mtd(char *name, char *part, int plen)
Paul Oranje Dec. 9, 2018, 11:16 p.m. UTC | #2 
Small remark.

> Op 7 dec. 2018, om 17:26 heeft Rafał Miłecki <zajec5@gmail.com> het volgende geschreven:
> 
> From: Rafał Miłecki <rafal@milecki.pl>
> 
> Using argv[3] without checking argc value could result in undefined
> behavior. It could result in a crash or accessing a NULL that separates
> argv from envp on UNIX.
> 
> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
> ---
> block.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/block.c b/block.c
> index 8972fdf..1edc9b8 100644
> --- a/block.c
> +++ b/block.c
> @@ -1189,8 +1189,12 @@ static int main_autofs(int argc, char **argv)
> 				blockd_notify(pr->dev, m, pr);
> 		}
> 		return 0;
> +	} else {
After return the if scope ends, so the else is superfluous.
> +		if (argc < 4)
> +			return -EINVAL;
> +
> +		return mount_action(argv[2], argv[3], TYPE_AUTOFS);
> 	}
> -	return mount_action(argv[2], argv[3], TYPE_AUTOFS);
> }
> 
> static int find_block_mtd(char *name, char *part, int plen)
> -- 
> 2.13.7
> 
> 
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel@lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
diff mbox series

Patch

diff --git a/block.c b/block.c
index 8972fdf..1edc9b8 100644
--- a/block.c
+++ b/block.c
@@ -1189,8 +1189,12 @@  static int main_autofs(int argc, char **argv)
 				blockd_notify(pr->dev, m, pr);
 		}
 		return 0;
+	} else {
+		if (argc < 4)
+			return -EINVAL;
+
+		return mount_action(argv[2], argv[3], TYPE_AUTOFS);
 	}
-	return mount_action(argv[2], argv[3], TYPE_AUTOFS);
 }
 
 static int find_block_mtd(char *name, char *part, int plen)